Rogue government tweeters in U.S. could be prosecuted as hackers
U.S. employees who use government email addresses, accounts could face repercussions
Who are the federal government's rogue tweeters, using official agency social media accounts to poke President Donald Trump? Are these acts of civil disobedience, or federal crimes?
The online campaign began with unauthorized tweets — on subjects such as climate change inconsistent with Trump's campaign statements and policies — that have been mostly deleted from official agency accounts. It shifted tactics Thursday as at least 40 new but unofficial "alternative" accounts for federal agencies began spreading across Twitter. It wasn't clear how many unofficial accounts were run by government employees, but there were early indications that at least some were created by federal workers using their work email addresses — and that may have exposed their identities.
We regret the mistaken RTs from our account yesterday and look forward to continuing to share the beauty and history of our parks with you <a href="https://t.co/mctNNvlrmv">pic.twitter.com/mctNNvlrmv</a>
—@NatlParkService
The administration said the earlier Twitter actions involved tweets by unauthorized users — at least one was a former employee — who still had passwords for the agency accounts, including one case involving the account for the Redwoods National Park in California. Legal experts said the Justice Department could prosecute such tweeters under federal hacking laws, but the FBI so far was not involved.
"An unauthorized user had an old password in the San Francisco office, went in and started retweeting inappropriate things that were in violation of their policy," White House spokesman Sean Spicer said. Separately, the National Park Service said tweets published earlier this week on the account of the Badlands National Park in South Dakota were posted by a former employee not authorized to use the account.
Can't wait for President Trump to call us FAKE NEWS. <br><br>You can take our official twitter, but you'll never take our free time!
—@AltNatParkSer
Employees or former employees publishing unauthorized messages on official accounts could be prosecuted under the U.S. Computer Fraud and Abuse Act, which prohibits someone from exceeding authorized access to computers. "The argument would be that the authorization to use the account was only for employees and implicitly that was extinguished when the employee left government employment," said Orin Kerr, a law professor at George Washington University.
Even employees authorized to use official agency Twitter accounts could face legal jeopardy posting messages they weren't supposed to write, said Stewart Baker, a cybersecurity lawyer and former National Security Agency and Department of Homeland Security official.
Taking measures
"If someone says you may not tweet except in these circumstances, and you tweet in other circumstances, you're exceeding authority," Baker said. He added that some federal courts would examine the security measures in place and could throw out cases where employees weren't clearly violating them.
"It wouldn't surprise me if at this stage a criminal investigation was opened and criminal tools were used to investigate this, even if at the end of the day they decided not to pursue criminal charges," Baker said.
A federal law enforcement official, speaking on condition of anonymity because he was not authorized to discuss the matter by name, said he was unaware of any requests from federal agencies to investigate the rogue tweets.
The unauthorized messages posted under official accounts appeared to be dropping off, as the Trump administration regained control over its agency accounts. Over last weekend, immediately after Trump's inauguration, transition staff changed all social media passwords for the Environmental Protection Agency, said Jared Blumenfeld, a former EPA official under the Obama administration who said he was speaking regularly with former colleagues.
Starting Wednesday, scores of unofficial Twitter accounts appeared purporting to represent federal agencies, mocking Trump using the same social media service the president uses daily. At least some were linked to federal employees using work email addresses who inadvertently revealed their involvement.
Twitter users can choose to allow others on the service to find them by searching for their email address. In other cases, Twitter notified users who previously shared their online address books using Twitter's "Find Friends" feature that anonymous accounts were created by federal employees whose work email addresses were already in those address books.
One side effect to the Twitter dispute? Some U.S. government Twitter accounts saw surges in followers.
"We're thrilled you found us," said the official account for Biscayne National Park in Florida, "for whatever reason."